diff --git a/bin/external/localeo/LocaleoScript.php b/bin/external/localeo/LocaleoScript.php index 708fd52252cd013d0bd6d90c929cfebea30c05c7..04281f3249853ee76d7a82c92b89c58d4c474cf9 100644 --- a/bin/external/localeo/LocaleoScript.php +++ b/bin/external/localeo/LocaleoScript.php @@ -361,7 +361,7 @@ class LocaleoScript 'res_attachments.res_id_master = res_letterbox.res_id', "res_letterbox.external_id->>'localeoId' is not null", "res_attachments.external_id->>'localeoId' is null", 'res_attachments.status not in (?)' ], - 'data' => [['DEL']] + 'data' => [['DEL', 'OBS']] ]); foreach ($attachments as $attachment) { @@ -481,7 +481,7 @@ class LocaleoScript fclose($file); $resources = \Resource\models\ResModel::get([ - 'select' => ['res_id', 'subject', 'format', 'path', 'filename', 'docserver_id', "external_id->>'localeoId' as \"localeoId\""], + 'select' => ['res_id', "external_id->>'localeoId' as \"localeoId\""], 'where' => $where, 'data' => $data ]); diff --git a/src/app/history/controllers/HistoryController.php b/src/app/history/controllers/HistoryController.php index b8025fe2adb45969f3c5827e43a99e7e45d14941..0419127c97a952c39f870ab456a05400d1f317e7 100755 --- a/src/app/history/controllers/HistoryController.php +++ b/src/app/history/controllers/HistoryController.php 
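Review bot: Nothing in the hunk at line 481 of bin/external/localeo/LocaleoScript.php shows that the code consuming `$resources` has stopped reading `subject`, `format`, `path`, `filename` and `docserver_id`, which the narrowed `select` no longer returns; that code lies outside the hunk. An array access on one of those keys would now only raise an undefined-index warning and evaluate to null, so a path or filename built from it would be silently wrong instead of failing. Please confirm the statements after `ResModel::get` use only `res_id` and `localeoId`, or keep the columns they still need.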
@@ -35,10 +35,10 @@ class HistoryController if (!empty($queryParams['resId'])) { if (!Validator::intVal()->notEmpty()->validate($queryParams['resId']) || !ResController::hasRightByResId(['resId' => [$queryParams['resId']], 'userId' => $GLOBALS['id']])) { return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']); - } elseif (empty($queryParams['onlyActions']) && !PrivilegeController::hasPrivilege(['privilegeId' => 'view_full_history', 'userId' => $GLOBALS['id']])) { - return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']); - } elseif (!PrivilegeController::hasPrivilege(['privilegeId' => 'view_doc_history', 'userId' => $GLOBALS['id']])) { - return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']); + } elseif (!PrivilegeController::hasPrivilege(['privilegeId' => 'view_full_history', 'userId' => $GLOBALS['id']])) { + if (empty($queryParams['onlyActions']) || !PrivilegeController::hasPrivilege(['privilegeId' => 'view_doc_history', 'userId' => $GLOBALS['id']])) { + return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']); + } } } elseif (!PrivilegeController::hasPrivilege(['privilegeId' => 'view_history', 'userId' => $GLOBALS['id']])) { return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']); 
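Review bot: The new inner check in the hunk at line 35 admits a user who holds only `view_doc_history` whenever `onlyActions` is non-empty, so the privilege decision rests on a client-supplied query parameter whose enforcement lies outside this hunk. `empty()` treats every non-empty string except `'0'` as set, including the literal string `false`, so the later query has to restrict the result to actions under exactly the same condition; otherwise the gate and the filter can disagree and the full history is returned without `view_full_history`. I would normalise the flag once before the check, `$onlyActions = filter_var($queryParams['onlyActions'] ?? false, FILTER_VALIDATE_BOOLEAN);`, and use `$onlyActions` for both the privilege test and the filter. The identical block in the hunk at line 206 needs the same treatment.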
@@ -206,10 +206,10 @@ class HistoryController if (!empty($queryParams['resId'])) { if (!Validator::intVal()->notEmpty()->validate($queryParams['resId']) || !ResController::hasRightByResId(['resId' => [$queryParams['resId']], 'userId' => $GLOBALS['id']])) { return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']); - } elseif (empty($queryParams['onlyActions']) && !PrivilegeController::hasPrivilege(['privilegeId' => 'view_full_history', 'userId' => $GLOBALS['id']])) { - return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']); - } elseif (!PrivilegeController::hasPrivilege(['privilegeId' => 'view_doc_history', 'userId' => $GLOBALS['id']])) { - return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']); + } elseif (!PrivilegeController::hasPrivilege(['privilegeId' => 'view_full_history', 'userId' => $GLOBALS['id']])) { + if (empty($queryParams['onlyActions']) || !PrivilegeController::hasPrivilege(['privilegeId' => 'view_doc_history', 'userId' => $GLOBALS['id']])) { + return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']); + } } } elseif (!PrivilegeController::hasPrivilege(['privilegeId' => 'view_history', 'userId' => $GLOBALS['id']])) { return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']);
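Review bot: The authorization branch in this hunk at line 206 repeats verbatim the one changed at line 35, so this commit had to correct the same privilege logic twice; a single private helper would keep the two endpoints from drifting apart on the next privilege change. Both enclosing methods start and end outside the hunks, so the helper below is a sketch, and whether it should be static depends on how the class declares its other helpers. Each call site then reduces to `} elseif (!self::canViewResourceHistory($queryParams)) {` followed by the existing 403 return.

```php
// proposed helper; the name is a suggestion
private static function canViewResourceHistory(array $queryParams): bool
{
    // view_full_history grants the whole history of the document
    if (PrivilegeController::hasPrivilege(['privilegeId' => 'view_full_history', 'userId' => $GLOBALS['id']])) {
        return true;
    }

    // view_doc_history alone only covers the actions-only view
    return !empty($queryParams['onlyActions'])
        && PrivilegeController::hasPrivilege(['privilegeId' => 'view_doc_history', 'userId' => $GLOBALS['id']]);
}
```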